Cybersecurity

Maryland appoints first chief data and privacy officers

The two new officials in Gov. Larry Hogan's office are responsible for updating and implementing statewide policies and leading interagency working groups.

By Benjamin Freed

November 10, 2021

Maryland Gov. Larry Hogan, center, named Patrick McLoughlin as the state's first chief data officer, and Laura Gomez-Martin as its first chief privacy officer. (State of Maryland)

Maryland Gov. Larry Hogan on Wednesday named the state’s first-ever chief data and chief privacy officers, following a pair of executive orders he signed earlier this year expanding the state’s cybersecurity governance policies.

In a press release, Hogan’s office said that Laura Gomez-Martin, currently the state’s deputy chief information security officer, will serve as the privacy chief. An attorney by training, Gomez-Martin joined the Maryland Department of Information Technology last December after several years as the compliance director with Skyline Technology Solutions, a local IT services integrator that’s worked extensively with the state government.

“How organizations collect and use data has increasingly become an important issue, and I’m excited to work with the governor’s office and state agencies to continue building privacy practices that protect the personal information of Maryland residents,” Gomez-Martin said in the press release.

As the chief privacy officer, Gomez-Martin will be responsible for developing and implementing guidelines about how agencies collect and safeguard residents’ personal information, including the creation of a statewide “data strategic plan.” She’ll also head up a new working group of agency-level privacy officers who’ll meet at least once a month. The agency privacy officers, who are to be designated by each Cabinet-level department, are also required to file annual reports with Gomez-Martin detailing their organizations’ IT inventories, data assets, cloud services and vendor contracts.

Chief privacy officers are becoming more common in state government. At least 12 other states have added the role, according to a 2019 report by the National Association of State Chief Information Officers.

Chief data officer

Maryland’s new chief data officer role, meanwhile, will be filled by Patrick McLoughlin, who for the past two years has been a consultant with JMT Technology Group, a Baltimore tech firm. He also spent three years working for the Maryland IT department, serving as director of business intelligence and running the state’s open-data program.

Similar to Gomez-Martin’s privacy duties, McLoughlin will be tasked with developing new statewide data-governance strategies and leading a group of agency-level data leads.

“In this environment of threats and vulnerabilities, it is critical that governments stay at the forefront of these issues,” he said in the press release.

Both Gomez-Martin and McLoughlin are assigned to work out of Hogan’s executive office, rather than the Department of Information Technology. Hogan signed the executive orders creating the chief data and chief privacy jobs on Aug. 2 at the conclusion of a daylong cybersecurity summit in Annapolis. That event also concluded with a new partnership between the state and the National Security Agency, which is lending one of its data analysts to advise the governor on data governance and cybersecurity policy.